At Nodeware, we process a lot of data, both from all the scans run and the various security and threat intelligence feeds that we ingest. One of the best vendors, when it comes to self-publishing vulnerability information and making it accessible, is Canonical, the company behind Ubuntu Linux. Their approach to fixing the vulnerabilities that affect Ubuntu is very transparent and community driven.
Since the release of the Nodeware Agent for Linux, we’ve been looking at ways to enhance the data you see and ensure that it is both accurate and actionable. CVEs that correspond to Ubuntu Security Notices (USNs) have included a link out to the related USN in the ‘See Also’ section of the vulnerability detail view. Starting today, we’re embedding the content of the USNs directly into the dashboard, hopefully saving you time and clicks.
As you can see in the example above, in addition to a platform specific description, a solution is provided along with information about the affected packages and the patched versions per release.
All in all, we imported over 6,200 USNs that map to almost 14,000 CVEs. We’re continuing to evaluating other vendor specific feeds to continue to improve and enhance your Nodeware experience.
As always, if you have any questions, we provide support directly through the dashboard.